class SessionsController < ApplicationController

  def new
  end

  def create
  	user = User.find_by(email: params[:session][:email]).try(:authenticate, params[:session][:password])
  	# user = User.authenticate(params[:session][:email], params[:session][:password])
  	if user.nil?
  		flash[:error] = "Invalid email/password combination."
  		render :new
  	else
  		sign_in user
  		redirect_to :users
  	end
  end

  def destroy
  	sign_out
  	redirect_to login_path
  end

  private

  def user_params
	params.require(:session).permit(:email, :password)
  end

end
